An API token allows an external system to talk to the Omneo API to read and write data in real time. and can be found in the Settings area of the CX Manager. For each API token, you can select scopes. This is the specific permissions that the system will have with Omneo data. You should only give the token the scopes it needs to do its job.
Be extra cautious with tokens that are allowed to read profile data as this includes Personally Identifiable Information (PII) and if access to this token is misplaced then this may need to be reported as a customer data breach.
Also be cautious with tokens that are given write access as they can change data in Omneo, which can trigger knock on effects.
Any CX Manager user can create API tokens with a pre-defined set of scopes - but keep in mind that Tokens are linked to the user who created them for additional security, which means if the user is deleted in future, then all tokens created by that user are also deleted.
TIP: For all integration tokens we recommend first creating a Machine User that is named to match the system that will be talking to the Omneo API and that all tokens that it requires are created using that account. You can safely update the Machine Users password to CX manager to maintain its security without needing to update the tokens.
The only tokens you should create against your own 'human' user account would be ones for testing purposes.
Tokens have a default expiry limit, so be sure to record the expiry dates somewhere useful so that you remember to generate new secure tokens and load them into your connected systems before they expire.
Read more in the Omneo Security Guide